Security researchers have discovered some interesting details

Oct 8, 2013 07:49 GMT

Although rumors about the arrest of Paunch – the Russian hacker responsible for the development of the BlackHole exploit kit – have not been confirmed, security researchers have found some evidence suggesting that the reports might be true.

As Malwarebytes experts highlight, the service that’s used to encrypt BlackHole, crypt.am, is down.

Furthermore, security researcher Kafeine has found that the malicious Java applet that’s normally updated by Paunch once or twice each day hasn’t been modified for more than four days.

If the rumors turn out to be true, cybercriminals who have been renting BlackHole will no longer get updates and they’ll be forced to start using other exploit kits. Only those who host the exploit kit themselves have the chance of keeping it alive, if they’re skilled enough.

On the other hand, Kafeine has already found that cybercriminals who used the Cool exploit kit – which is also maintained by Paunch – to distribute Reveton malware have started utilizing the Whitehole exploit kit.